What happened in the Aztec Connect exploit?

Attackers stole approximately $2.1 million from the deprecated Aztec Connect platform by exploiting a flaw in its transaction verification system. The exploit targeted an old smart contract and did not affect users of the current Aztec Network.

What is Aztec Connect?

Aztec Connect was a decentralised finance bridge launched in 2022 as part of the broader Aztec ecosystem. The platform was deprecated in March 2023 after development shifted to the next-generation Aztec Network.

How much cryptocurrency was stolen in the attack?

The attacker stole around $2.1 million in digital assets. The haul included 909 Ether (ETH), 270,000 Dai (DAI), 167 wrapped staked Ether and several other cryptocurrencies.

How did the attacker exploit Aztec Connect?

According to BlockSec, the attacker exploited a mismatch between transaction verification using zero-knowledge proofs and settlement on Ethereum. This allowed the creation of unbacked balances that could later be withdrawn as real assets.

Were users of the current Aztec Network affected?

No. Aztec Labs said the exploit only affected the legacy Aztec Connect smart contract and did not impact users, funds or assets on the current Aztec Network.

Why couldn't Aztec Labs stop the exploit?

Aztec Connect's smart contracts were designed to be fully immutable, meaning they cannot be modified, upgraded or paused. Aztec Labs stated that it does not hold administrative keys or direct control over the deprecated system.

Image for illustrative purposes only. Not a real photo.

Aztec Connect exploit drains $2.1M from dormant contract

Written by Mahathir BayenaPublished Jun 15, 2026, 5:24 AM

Attackers drained approximately $2.1 million from the deprecated Aztec Connect platform on Sunday by exploiting a vulnerability in the protocol's transaction verification mechanism.

Aztec Labs said it was investigating the incident after funds were transferred from the legacy Aztec Connect smart contract, adding that the exploit did not affect users or assets on the current Aztec Network.

Blockchain security firm BlockSec said the attacker exploited a mismatch between how transactions were verified through zero-knowledge proofs and how they were ultimately settled on Ethereum.

According to BlockSec, the flaw allowed the verification system and settlement logic to interpret transaction data differently, enabling the attacker to create balances that were not properly backed by assets.

The attacker repeated the exploit seven times across multiple cryptocurrencies, stealing 909 Ether, 270,000 Dai, 167 wrapped staked Ether and several other digital assets.

Aztec Connect launched in 2022 as a decentralised finance bridge before being deprecated in March 2023, when deposits were halted and development efforts shifted to the next-generation Aztec Network.

“Aztec Labs holds no admin keys or control over the system; it cannot be paused or upgraded by us,”

The company said following the incident.

At the time of reporting, Ethereum price was $1,716.99.

Aztec Connect exploit drains $2.1M from dormant contract

Frequently asked questions

Assets related to this article